xref: /linux/include/crypto/curve25519.h (revision d8768fb12a14c30436bd0466b4fc28edeef45078) 
1 /* SPDX-License-Identifier: GPL-2.0 OR MIT */
2 /*
3  * Copyright (C) 2015-2019 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
4  */
5 
6 #ifndef CURVE25519_H
7 #define CURVE25519_H
8 
9 #include <linux/types.h>
10 #include <linux/random.h>
11 
12 enum curve25519_lengths {
13 	CURVE25519_KEY_SIZE = 32
14 };
15 
16 void curve25519_generic(u8 out[CURVE25519_KEY_SIZE],
17 			const u8 scalar[CURVE25519_KEY_SIZE],
18 			const u8 point[CURVE25519_KEY_SIZE]);
19 
20 bool __must_check curve25519(u8 mypublic[CURVE25519_KEY_SIZE],
21 			     const u8 secret[CURVE25519_KEY_SIZE],
22 			     const u8 basepoint[CURVE25519_KEY_SIZE]);
23 
24 bool __must_check curve25519_generate_public(u8 pub[CURVE25519_KEY_SIZE],
25 					     const u8 secret[CURVE25519_KEY_SIZE]);
26 
curve25519_clamp_secret(u8 secret[CURVE25519_KEY_SIZE])27 static inline void curve25519_clamp_secret(u8 secret[CURVE25519_KEY_SIZE])
28 {
29 	secret[0] &= 248;
30 	secret[31] = (secret[31] & 127) | 64;
31 }
32 
curve25519_generate_secret(u8 secret[CURVE25519_KEY_SIZE])33 static inline void curve25519_generate_secret(u8 secret[CURVE25519_KEY_SIZE])
34 {
35 	get_random_bytes_wait(secret, CURVE25519_KEY_SIZE);
36 	curve25519_clamp_secret(secret);
37 }
38 
39 #endif /* CURVE25519_H */
40